Hello, can you please help me pwdExpireWarning

I have setuped pwdExpireWarning 300 *5 min*

then UI updated password for user

0000: 30 6d 02 01 02 64 68 04 1f 75 69 64 3d 6d 61 78 0m...dh..uid=max 0010: 2c 6f 75 3d 75 73 65 72 73 2c 6f 75 3d 74 72 61 ,ou=users,ou=tra 0020: 6e 73 6d 61 73 74 65 72 30 45 30 1e 04 0b 6f 62 nsmaster0E0...ob 0030: 6a 65 63 74 43 6c 61 73 73 31 0f 04 0d 69 6e 65 jectClass1...ine 0040: 74 4f 72 67 50 65 72 73 6f 6e 30 23 04 0e 70 77 tOrgPerson0#..pw 0050: 64 43 68 61 6e 67 65 64 54 69 6d 65 31 11 04 0f dChangedTime1... 0060: 32 30 31 31 30 31 32 38 30 37 35 34 33 31 5a 20110128075431Z

After 5 minutes, if a user tries to connect to the database, it must issue a message, right ?

-------------------------------------------------- This attribute controls whether and when a warning message of password expiration will be returned on a bind attempt. --------------------------------------------------

But nothing happen.. :(

I have this ppolice : dn: cn=std, ou=ppolicy, ou=transmaster pwdCheckModule: check_password.so pwdMaxFailure: 6 pwdMustChange: TRUE pwdAttribute: userPassword pwdMinLength: 7 pwdSafeModify: FALSE pwdInHistory: 4 pwdGraceAuthNLimit: 3 pwdCheckQuality: 1 objectClass: pwdPolicy objectClass: top objectClass: device objectClass: pwdPolicyChecker pwdLockoutDuration: 60 cn: std pwdAllowUserChange: TRUE pwdExpireWarning: 300 pwdLockout: TRUE

Thank you

-----Original Message----- From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of openldap-technical-request@OpenLDAP.org Sent: Thursday, January 27, 2011 6:00 PM To: openldap-technical@openldap.org Subject: openldap-technical Digest, Vol 38, Issue 26

Send openldap-technical mailing list submissions to openldap-technical@openldap.org

To subscribe or unsubscribe via the World Wide Web, visit http://www.openldap.org/lists/mm/listinfo/openldap-technical or, via email, send a message with subject or body 'help' to openldap-technical-request@openldap.org

You can reach the person managing the list at openldap-technical-owner@openldap.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of openldap-technical digest..."

Send openldap-technical mailing list submissions to openldap-technical@openldap.org When replying, please edit your Subject: header so it is more specific than "Re: openldap-technical digest..."

Today's Topics:

1. Re: Replication monitoring (Andreas Andersson) 2. Re: Replication monitoring (Peter Boosten) 3. Re: problem with limits configuration (Dan Pritts) 4. Re: Replication monitoring (Peter Boosten) 5. Re: Replication monitoring (Peter Boosten) 6. Re: Failover Failure Advice (Anton Chu) 7. Re: Failover Failure Advice (Quanah Gibson-Mount) 8. Re: Failover Failure Advice (Chris Jacobs) 9. Re: slapd logging in chroot() environment (Peter Palmreuther) 10. Re: slapd logging in chroot() environment (Dieter Kluenter) 11. meta directory backend and rewriting option '|' (Lehnert, Hartmut) 12. constraint overlay question (jarek) 13. openldap memberof attribute (Vincent Li) 14. deleting schema elements from cn=config (Tim Gustafson) 15. Re: openldap memberof attribute (Michael Str?der) 16. MemberOf attribute not being returned (Mark Cairney)

----------------------------------------------------------------------

Message: 1 Date: Wed, 26 Jan 2011 19:32:22 +0100 From: Andreas Andersson zreoxx@gmail.com To: Peter Boosten peter@boosten.org Cc: openldap-technical@openldap.org Subject: Re: Replication monitoring Message-ID: 7705A370-58E9-4D18-ACF1-9E287851835E@gmail.com Content-Type: text/plain; charset="windows-1252"

Hi!

Thanks. Made a note about the config directory. I've focused on following the FHS: http://www.pathname.com/fhs/ As it is a symlink it should be possible to put the config directory wherever you want (I guess that's what you did).

How about replication verification? Can you confirm that its working?

Regards - Andreas

On Jan 26, 2011, at 10:19 AM, Peter Boosten wrote:

On 24 jan 2011, at 18:55, Andreas Andersson wrote:

...

As always? I appreciate all feedback I can get

This actually looks quite decent: it needs some tinkering if you do

not follow the installation guide (I don't want my /etc directory cluttered with software installed by me, for FreeBSD that's /usr/local/etc), but it's nice and easy to use.

-- Peter Boosten http://www.boosten.org